Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/oxdJ9Pa6GP9zPbib8ASe1GC1At8.roa
File: oxdJ9Pa6GP9zPbib8ASe1GC1At8.roa (raw, json)
Hash identifier: MnDaAGP1gam6Rw7aGo6sApdmnWTZyipQSmvE6vgHhRM=
Subject key identifier: A3:17:49:F4:F6:BA:18:FF:73:3D:B8:9B:F0:04:9E:D4:60:B5:02:DF
Certificate issuer: /CN=0010ab7391769b5f2c54e33c8b5a7df9f37a33a8
Certificate serial: 08F92B8B
Authority key identifier: 00:10:AB:73:91:76:9B:5F:2C:54:E3:3C:8B:5A:7D:F9:F3:7A:33:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABCrc5F2m18sVOM8i1p9-fN6M6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/oxdJ9Pa6GP9zPbib8ASe1GC1At8.roa
Signing time: Sat 01 Jan 2022 07:02:21 +0000
ROA not before: Sat 01 Jan 2022 07:02:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47829
IP address blocks: 2.58.236.0/22 maxlen: 24
193.176.236.0/24 maxlen: 24
2a09:ed40::/29 maxlen: 48
2001:67c:2c8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150547339 (0x8f92b8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0010ab7391769b5f2c54e33c8b5a7df9f37a33a8
Validity
Not Before: Jan 1 07:02:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a31749f4f6ba18ff733db89bf0049ed460b502df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4f:67:83:4f:1e:05:b0:c5:c4:96:06:ae:58:
e8:b4:15:64:39:2a:88:04:33:46:30:76:9e:15:66:
9a:44:dd:e5:15:22:2f:0b:2e:40:25:fd:ea:2f:83:
23:32:0a:97:bc:46:eb:0b:c6:54:16:52:f3:26:24:
e4:6d:f8:16:7d:b9:0c:d0:77:08:ae:09:82:c6:b5:
98:4f:a9:ed:0b:8d:1e:e3:5e:76:76:65:7f:87:cd:
14:e4:e0:8b:e5:12:92:f4:12:79:8b:f3:21:3b:b3:
c9:e8:47:be:9e:ce:8d:bd:b3:61:7f:80:7b:c8:46:
31:ac:28:ea:fb:d4:3f:68:1b:ec:ec:b5:a5:97:50:
c0:db:ff:9e:cd:6a:21:e7:83:60:cd:6f:c7:37:54:
a7:e4:ca:a9:ac:b1:6d:bc:b8:fd:96:0a:c5:88:35:
62:0a:fa:61:4b:74:b4:52:2a:be:41:18:dd:d8:43:
cc:3b:e0:25:4b:10:6d:ad:78:ed:0f:8b:2b:c9:d7:
6e:54:ea:57:f3:f0:91:65:85:fd:91:61:fd:ad:bc:
1b:88:b7:27:6f:16:ac:bb:1e:30:d9:6a:92:31:5a:
cc:dc:2c:2e:59:0d:96:a1:77:20:df:57:79:89:cd:
9b:bd:1f:29:67:a9:04:62:88:50:af:21:12:5f:08:
c1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:17:49:F4:F6:BA:18:FF:73:3D:B8:9B:F0:04:9E:D4:60:B5:02:DF
X509v3 Authority Key Identifier:
keyid:00:10:AB:73:91:76:9B:5F:2C:54:E3:3C:8B:5A:7D:F9:F3:7A:33:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABCrc5F2m18sVOM8i1p9-fN6M6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/oxdJ9Pa6GP9zPbib8ASe1GC1At8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/ABCrc5F2m18sVOM8i1p9-fN6M6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.236.0/22
193.176.236.0/24
IPv6:
2001:67c:2c8::/48
2a09:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:2e:2a:88:3b:86:e0:de:33:bc:6b:9f:9a:90:6d:b4:83:8e:
e1:63:9c:4b:4e:be:f2:98:0e:1e:b6:85:1a:c2:f8:aa:29:83:
36:07:ff:c1:43:80:14:6c:c3:cf:8a:35:34:29:5c:de:98:44:
d3:bc:ea:70:51:6b:f0:67:8b:a7:35:a9:cb:e1:7f:7a:fb:35:
b9:80:01:2d:07:52:12:5e:a5:c9:0e:78:ff:3c:ef:e2:40:94:
5c:dd:aa:55:e3:65:20:17:31:81:41:81:13:e0:3e:c0:01:63:
ab:05:46:c1:84:e0:60:f2:fe:5d:54:fe:a6:dd:9a:f0:6e:46:
af:b0:db:85:5e:c2:93:2d:b6:aa:3c:7c:1c:8c:07:bc:cc:b6:
00:a8:59:ba:74:d8:b2:d1:e0:1d:7a:ac:31:f9:dd:47:55:63:
7a:b9:6f:4a:dd:a4:a4:50:d0:e3:ab:ed:95:0e:98:28:24:52:
63:5c:d4:82:e3:e9:2a:14:55:1e:10:f1:04:d8:24:dd:4d:9d:
cb:ab:a4:ee:02:ee:a0:e3:10:bc:9b:34:30:46:e5:8b:79:be:
a4:89:df:d8:e2:23:f5:78:f4:54:d2:f0:8a:4a:1d:61:38:bb:
af:68:ba:c8:9a:18:ea:dc:80:07:31:d3:47:63:b4:ef:bb:5b:
ae:58:a0:ee
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECPkrizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDEwYWI3MzkxNzY5YjVmMmM1NGUzM2M4YjVhN2RmOWYzN2EzM2E4MB4XDTIyMDEw
MTA3MDIyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMxNzQ5ZjRmNmJh
MThmZjczM2RiODliZjAwNDllZDQ2MGI1MDJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZPZ4NPHgWwxcSWBq5Y6LQVZDkqiAQzRjB2nhVmmkTd5RUi
LwsuQCX96i+DIzIKl7xG6wvGVBZS8yYk5G34Fn25DNB3CK4Jgsa1mE+p7QuNHuNe
dnZlf4fNFOTgi+USkvQSeYvzITuzyehHvp7Ojb2zYX+Ae8hGMawo6vvUP2gb7Oy1
pZdQwNv/ns1qIeeDYM1vxzdUp+TKqayxbby4/ZYKxYg1Ygr6YUt0tFIqvkEY3dhD
zDvgJUsQba147Q+LK8nXblTqV/PwkWWF/ZFh/a28G4i3J28WrLseMNlqkjFazNws
LlkNlqF3IN9XeYnNm70fKWepBGKIUK8hEl8IwUMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSjF0n09roY/3M9uJvwBJ7UYLUC3zAfBgNVHSMEGDAWgBQAEKtzkXabXyxU
4zyLWn3583ozqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FCQ3JjNUYybTE4c1ZPTThpMXA5LWZONk02Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvYzIyZjYxLTEzM2MtNGQwYy04OGNmLWExNTVlM2Y5ZDUyOS8x
L294ZEo5UGE2R1A5elBiaWI4QVNlMUdDMUF0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
YzIyZjYxLTEzM2MtNGQwYy04OGNmLWExNTVlM2Y5ZDUyOS8xL0FCQ3JjNUYybTE4
c1ZPTThpMXA5LWZONk02Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEAgI67AMEAMGw7DAWBAIAAjAQAwcA
IAEGfALIAwUDKgntQDANBgkqhkiG9w0BAQsFAAOCAQEAXy4qiDuG4N4zvGufmpBt
tIOO4WOcS06+8pgOHraFGsL4qimDNgf/wUOAFGzDz4o1NClc3phE07zqcFFr8GeL
pzWpy+F/evs1uYABLQdSEl6lyQ54/zzv4kCUXN2qVeNlIBcxgUGBE+A+wAFjqwVG
wYTgYPL+XVT+pt2a8G5Gr7DbhV7Cky22qjx8HIwHvMy2AKhZunTYstHgHXqsMfnd
R1VjerlvSt2kpFDQ46vtlQ6YKCRSY1zUguPpKhRVHhDxBNgk3U2dy6uk7gLuoOMQ
vJs0MEbli3m+pInf2OIj9Xj0VNLwikodYTi7r2i6yJoY6tyABzHTR2O077tbrlig
7g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:19 2023 by rpki-client on console-ams.rpki-client.org